When it comes to computers, you can’t ignore Microsoft. When it comes to the Internet, you can’t ignore Microsoft. And when it comes to internet security and protecting your personal information from identity thieves and hackers, you can’t ignore Microsoft. When it comes to computers/Internet, Microsoft is the 800 pound gorilla in the room, and that’s for sure.
The immense majority of computers, from government to business to personal, exploit a Microsoft operating system and probably a lot of Microsoft software. As of February 2024, Windows was by far the most widely used operating system in the world 72 percent of the world’s computers Some estimates put it as high as 90 percent. that makes one one and a half billion Windows based machines out there. This creates a gigantic pool of machines on which hackers can learn their craft.
So when some high-profile hacks come to lightweight, it’s worth taking a look at Microsoft to see if it was a vulnerability in this near-ubiquitous operating system that made the hack possible.
Previously on RedState: Iranian hackers caught sharing Trump campaign information with Team Biden
TREASON: Far-left blogger reveals JD Vance’s personal information hacked by Iran
One such hack is the highly publicized Trump campaign hack that was ongoing as of last week. A technology industry writer, Popular Information founder Judd Legum, has some information:
Email communications from people associated with the Trump campaign have been hacked by malicious actors over the past 10 days, Popular Information has confirmed.
On September 18, I received a message from “Robert” containing the cover page of a dossier on Senator JD Vance (R-OH), the Republican vice presidential nominee, dated February 23, 2024. Robert refused to identify himself except to point out that it was the same “Robert.” Providing stolen internal Trump campaign materials to Politico, the New York Times and the Washington Post in July and August. “I thought you heard Robert’s story,” he said.
It’s unclear whether Microsoft made this hack possible, but Microsoft touts security improvements made after some of these high-profile incidents. This has raised some well-deserved questions among high-tech commentators, including: “Cloudwars” founder Bob Evans:
I guess the problem under my belt is that Microsoft seems to want to be applauded, appreciated, and admired for recognizing – here in 2024 – that security can’t be a second thought, and certainly shouldn’t be an afterthought. That makes me wonder what Microsoft’s top priority was before CEO Satya Nadella finally became fed up with his company’s multitude of security failures and public embarrassments and decreed that security was the most critical thing from now on.
The mere fact that Microsoft is finally recognizing the primacy of security in today’s digital world is a good thing in my opinion. But to put it bluntly: why the hell did it take them so long to realize this?
Microsoft’s improvements appear to be mostly comprehensive Government accountsincluding user security to keep Chinese hackers out. Presumably, these measures would also work against Iranian – or domestic – hackers.
U.S. government and public sector cloud accounts will now automatically generate, store and rotate token signing keys, wrote Charlie Bell, executive vice president of security at Microsoft a blog post.
- Signature keys are now also stored in the customer’s so-called “hardware secure module”, making access through user accounts virtually impossible.
- The company has also changed the validity period of access tokens issued to internal employees to seven days. So even if a hacker somehow gets into an employee’s account, they still wouldn’t be able to get into the corresponding customer’s account.
Computer/Internet security seems to be a never-ending arms race, and with something as convoluted as an operating system and associated software, such as Microsoft’s Office suites, it seems arduous, if not impossible, to anticipate and forestall all possible avenues of attack for hackers. If the history of the Internet has taught us anything, it has taught us that hackers can actually be very clever. And with the resources of a nation-state behind them, these hackers can impress even second-rate states like North Korea and Iran.
However, questions remain for Microsoft. We have now seen several significant releases of information about American politicians. Some of these involved personal breaches and the publication of two-part messages involving the leaker. But others were pure hackers – and it appears that Microsoft’s priorities lay elsewhere as these events unfolded.
Microsoft has some explaining to do. And the U.S. government and political campaigns may want to start hiring their own data security staff.
